(CVE-2022-1292) - The c_rehash script allows command injection. (BSA-2022-1846)

Security Advisory ID: BSA-2022-1846 Component: OpenSSL Revision: 2.0 The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an...

CVE-2022-38150

In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...

varnish -- Denial of Service Vulnerability

Varnish Cache Project reports: A denial of service attack can be performed against Varnish Cache servers by specially formatting the reason phrase of the backend response status line. In order to execute an attack, the attacker would have to be able to influence the HTTP/1 responses that the...

[SECURITY] Fedora 36 Update: clamav-0.103.7-1.fc36

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

openssl: c_rehash script allows command injection

A flaw was found in OpenSSL. The crehash script does not properly sanitize shell meta-characters to prevent command injection. Some operating systems distribute this script in a manner where it is automatically executed. This flaw allows an attacker to execute arbitrary commands with the privileg...

Fedora: Security Advisory for caddy (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: geoipupdate-4.9.0-3.fc36

The GeoIP Update program performs automatic updates of GeoIP2 binary database s...

[SECURITY] Fedora 36 Update: caddy-2.4.6-4.fc36

Caddy is the web server with automatic HTTPS...

Update Google Chrome now! New version includes 11 important security patches

The latest Google Chrome update includes 11 security fixes, some of which could be exploited by an attacker to take control of an affected system. Google Chromes Stable channel has been updated to 103.0.5060.134 for Windows, Mac, and Linux, and the new version will roll out over the coming...

Fedora: Security Advisory for act (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: dnscrypt-proxy-2.1.1-4.fc35

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS DoH and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...

[SECURITY] Fedora 35 Update: caddy-2.3.0-3.fc35

Caddy is the web server with automatic HTTPS...

[SECURITY] Fedora 36 Update: caddy-2.4.6-3.fc36

Caddy is the web server with automatic HTTPS...

Fedora: Security Advisory for geoipupdate (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for act (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Update now! Chrome patches ANOTHER zero-day vulnerability

Google has released version 103.0.5060.114 for Chrome, now available in the Stable Desktop channel worldwide. The main goal of this new version is to patch CVE-2022-2294. CVE-2022-2294 is a high severity heap-based buffer overflow weakness in the Web Real-Time Communications WebRTC component whic...

[SECURITY] Fedora 36 Update: golang-github-hashicorp-consul-migrate-0.1.0-9.20190602git678fb10.fc36

Consul-migrate is a Go package and CLI utility to perform a very specific data migration for Consul servers nodes. Between Consul versions 0.5.0 and 0.5.1, the backend for storing Raft data was changed from LMDB to BoltDB. To support seamless upgrades, this library is embedded in Consul version...

[SECURITY] Fedora 36 Update: geoipupdate-4.9.0-2.fc36

The GeoIP Update program performs automatic updates of GeoIP2 binary database s...

[SECURITY] Fedora 36 Update: dnscrypt-proxy-2.1.1-4.fc36

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS DoH and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...

[SECURITY] Fedora 36 Update: act-1.6.0-6.fc36

The Automatic Component Toolkit ACT is a code generator that takes an instance of an Interface Description Language file and generates a thin C89-API, implementation stubs and language bindings of your desired software component...